grpc 1.24.0 → 1.25.0.pre1

data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc

@@ -31,7 +31,7 @@ static grpc_alts_credentials_options* alts_server_options_copy(
     const grpc_alts_credentials_options* options);
 
 static void alts_server_options_destroy(
-    grpc_alts_credentials_options* options) {}
+    grpc_alts_credentials_options* /*options*/) {}
 
 static const grpc_alts_credentials_options_vtable vtable = {
     alts_server_options_copy, alts_server_options_destroy};

data/src/core/lib/security/credentials/credentials.h

@@ -110,17 +110,7 @@ struct grpc_channel_credentials
   create_security_connector(
       grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
       const char* target, const grpc_channel_args* args,
-      grpc_channel_args** new_args)
-#if GRPC_USE_CPP_STD_LIB
-      = 0;
-#else
-  {
-    // Tell clang-tidy that call_creds cannot be passed as const-ref.
-    call_creds.reset();
-    gpr_log(GPR_ERROR, "Function marked GRPC_ABSTRACT was not implemented");
-    GPR_ASSERT(false);
-  }
-#endif
+      grpc_channel_args** new_args) = 0;
 
   // Creates a version of the channel credentials without any attached call
   // credentials. This can be used in order to open a channel to a non-trusted
@@ -156,8 +146,6 @@ struct grpc_channel_credentials
 
   const char* type() const { return type_; }
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  private:
   const char* type_;
   grpc_core::Map<grpc_core::UniquePtr<char>,
@@ -248,18 +236,16 @@ struct grpc_call_credentials
                                     grpc_auth_metadata_context context,
                                     grpc_credentials_mdelem_array* md_array,
                                     grpc_closure* on_request_metadata,
-                                    grpc_error** error) GRPC_ABSTRACT;
+                                    grpc_error** error) = 0;
 
   // Cancels a pending asynchronous operation started by
   // grpc_call_credentials_get_request_metadata() with the corresponding
   // value of \a md_array.
   virtual void cancel_get_request_metadata(
-      grpc_credentials_mdelem_array* md_array, grpc_error* error) GRPC_ABSTRACT;
+      grpc_credentials_mdelem_array* md_array, grpc_error* error) = 0;
 
   const char* type() const { return type_; }
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  private:
   const char* type_;
 };
@@ -282,7 +268,7 @@ struct grpc_server_credentials
   virtual ~grpc_server_credentials() { DestroyProcessor(); }
 
   virtual grpc_core::RefCountedPtr<grpc_server_security_connector>
-  create_security_connector() GRPC_ABSTRACT;
+  create_security_connector() = 0;
 
   const char* type() const { return type_; }
 
@@ -292,8 +278,6 @@ struct grpc_server_credentials
   void set_auth_metadata_processor(
       const grpc_auth_metadata_processor& processor);
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  private:
   void DestroyProcessor() {
     if (processor_.destroy != nullptr && processor_.state != nullptr) {

data/src/core/lib/security/credentials/fake/fake_credentials.cc

@@ -45,7 +45,7 @@ class grpc_fake_channel_credentials final : public grpc_channel_credentials {
   create_security_connector(
       grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
       const char* target, const grpc_channel_args* args,
-      grpc_channel_args** new_args) override {
+      grpc_channel_args** /*new_args*/) override {
     return grpc_fake_channel_security_connector_create(
         this->Ref(), std::move(call_creds), target, args);
   }
@@ -89,9 +89,9 @@ const char* grpc_fake_transport_get_expected_targets(
 /* -- Metadata-only test credentials. -- */
 
 bool grpc_md_only_test_credentials::get_request_metadata(
-    grpc_polling_entity* pollent, grpc_auth_metadata_context context,
+    grpc_polling_entity* /*pollent*/, grpc_auth_metadata_context /*context*/,
     grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata,
-    grpc_error** error) {
+    grpc_error** /*error*/) {
   grpc_credentials_mdelem_array_add(md_array, md_);
   if (is_async_) {
     GRPC_CLOSURE_SCHED(on_request_metadata, GRPC_ERROR_NONE);
@@ -101,7 +101,7 @@ bool grpc_md_only_test_credentials::get_request_metadata(
 }
 
 void grpc_md_only_test_credentials::cancel_get_request_metadata(
-    grpc_credentials_mdelem_array* md_array, grpc_error* error) {
+    grpc_credentials_mdelem_array* /*md_array*/, grpc_error* error) {
   GRPC_ERROR_UNREF(error);
 }
 

data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h

@@ -85,13 +85,11 @@ class grpc_oauth2_token_fetcher_credentials : public grpc_call_credentials {
   void on_http_response(grpc_credentials_metadata_request* r,
                         grpc_error* error);
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  protected:
   virtual void fetch_oauth2(grpc_credentials_metadata_request* req,
                             grpc_httpcli_context* httpcli_context,
                             grpc_polling_entity* pollent, grpc_iomgr_cb_func cb,
-                            grpc_millis deadline) GRPC_ABSTRACT;
+                            grpc_millis deadline) = 0;
 
  private:
   gpr_mu mu_;

data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h

@@ -42,6 +42,12 @@ struct grpc_tls_key_materials_config
   int version() const { return version_; }
 
   /** Setters for member fields. **/
+  void set_pem_root_certs(grpc_core::UniquePtr<char> pem_root_certs) {
+    pem_root_certs_ = std::move(pem_root_certs);
+  }
+  void add_pem_key_cert_pair(grpc_core::PemKeyCertPair pem_key_cert_pair) {
+    pem_key_cert_pair_list_.push_back(pem_key_cert_pair);
+  }
   void set_key_materials(grpc_core::UniquePtr<char> pem_root_certs,
                          PemKeyCertPairList pem_key_cert_pair_list);
   void set_version(int version) { version_ = version; }
@@ -65,18 +71,46 @@ struct grpc_tls_credential_reload_config
       void (*destruct)(void* config_user_data));
   ~grpc_tls_credential_reload_config();
 
+  void* context() const { return context_; }
+  void set_context(void* context) { context_ = context; }
+
   int Schedule(grpc_tls_credential_reload_arg* arg) const {
+    if (schedule_ == nullptr) {
+      gpr_log(GPR_ERROR, "schedule API is nullptr");
+      if (arg != nullptr) {
+        arg->status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL;
+        arg->error_details =
+            gpr_strdup("schedule API in credential reload config is nullptr");
+      }
+      return 1;
+    }
+    if (arg != nullptr) {
+      arg->config = const_cast<grpc_tls_credential_reload_config*>(this);
+    }
     return schedule_(config_user_data_, arg);
   }
   void Cancel(grpc_tls_credential_reload_arg* arg) const {
     if (cancel_ == nullptr) {
       gpr_log(GPR_ERROR, "cancel API is nullptr.");
+      if (arg != nullptr) {
+        arg->status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL;
+        arg->error_details =
+            gpr_strdup("cancel API in credential reload config is nullptr");
+      }
       return;
     }
+    if (arg != nullptr) {
+      arg->config = const_cast<grpc_tls_credential_reload_config*>(this);
+    }
     cancel_(config_user_data_, arg);
   }
 
  private:
+  /** This is a pointer to the wrapped language implementation of
+   * grpc_tls_credential_reload_config. It is necessary to implement the C
+   * schedule and cancel functions, given the schedule or cancel function in a
+   * wrapped language. **/
+  void* context_ = nullptr;
   /** config-specific, read-only user data that works for all channels created
      with a credential using the config. */
   void* config_user_data_;
@@ -113,18 +147,48 @@ struct grpc_tls_server_authorization_check_config
       void (*destruct)(void* config_user_data));
   ~grpc_tls_server_authorization_check_config();
 
+  void* context() const { return context_; }
+  void set_context(void* context) { context_ = context; }
+
   int Schedule(grpc_tls_server_authorization_check_arg* arg) const {
+    if (schedule_ == nullptr) {
+      gpr_log(GPR_ERROR, "schedule API is nullptr");
+      if (arg != nullptr) {
+        arg->status = GRPC_STATUS_NOT_FOUND;
+        arg->error_details = gpr_strdup(
+            "schedule API in server authorization check config is nullptr");
+      }
+      return 1;
+    }
+    if (arg != nullptr && context_ != nullptr) {
+      arg->config =
+          const_cast<grpc_tls_server_authorization_check_config*>(this);
+    }
     return schedule_(config_user_data_, arg);
   }
   void Cancel(grpc_tls_server_authorization_check_arg* arg) const {
     if (cancel_ == nullptr) {
       gpr_log(GPR_ERROR, "cancel API is nullptr.");
+      if (arg != nullptr) {
+        arg->status = GRPC_STATUS_NOT_FOUND;
+        arg->error_details = gpr_strdup(
+            "schedule API in server authorization check config is nullptr");
+      }
       return;
     }
+    if (arg != nullptr) {
+      arg->config =
+          const_cast<grpc_tls_server_authorization_check_config*>(this);
+    }
     cancel_(config_user_data_, arg);
   }
 
  private:
+  /** This is a pointer to the wrapped language implementation of
+   * grpc_tls_server_authorization_check_config. It is necessary to implement
+   * the C schedule and cancel functions, given the schedule or cancel function
+   * in a wrapped language. **/
+  void* context_ = nullptr;
   /** config-specific, read-only user data that works for all channels created
      with a Credential using the config. */
   void* config_user_data_;

data/src/core/lib/security/security_connector/alts/alts_security_connector.cc

@@ -81,7 +81,7 @@ class grpc_alts_channel_security_connector final
   ~grpc_alts_channel_security_connector() override { gpr_free(target_name_); }
 
   void add_handshakers(
-      grpc_pollset_set* interested_parties,
+      const grpc_channel_args* args, grpc_pollset_set* interested_parties,
       grpc_core::HandshakeManager* handshake_manager) override {
     tsi_handshaker* handshaker = nullptr;
     const grpc_alts_credentials* creds =
@@ -91,7 +91,7 @@ class grpc_alts_channel_security_connector final
                                           interested_parties,
                                           &handshaker) == TSI_OK);
     handshake_manager->Add(
-        grpc_core::SecurityHandshakerCreate(handshaker, this));
+        grpc_core::SecurityHandshakerCreate(handshaker, this, args));
   }
 
   void check_peer(tsi_peer peer, grpc_endpoint* ep,
@@ -142,7 +142,7 @@ class grpc_alts_server_security_connector final
   ~grpc_alts_server_security_connector() override = default;
 
   void add_handshakers(
-      grpc_pollset_set* interested_parties,
+      const grpc_channel_args* args, grpc_pollset_set* interested_parties,
       grpc_core::HandshakeManager* handshake_manager) override {
     tsi_handshaker* handshaker = nullptr;
     const grpc_alts_server_credentials* creds =
@@ -151,7 +151,7 @@ class grpc_alts_server_security_connector final
                    creds->options(), nullptr, creds->handshaker_service_url(),
                    false, interested_parties, &handshaker) == TSI_OK);
     handshake_manager->Add(
-        grpc_core::SecurityHandshakerCreate(handshaker, this));
+        grpc_core::SecurityHandshakerCreate(handshaker, this, args));
   }
 
   void check_peer(tsi_peer peer, grpc_endpoint* ep,

data/src/core/lib/security/security_connector/fake/fake_security_connector.cc

@@ -27,7 +27,7 @@
 #include <grpc/support/string_util.h>
 
 #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h"
-#include "src/core/ext/filters/client_channel/lb_policy/xds/xds.h"
+#include "src/core/ext/filters/client_channel/xds/xds_channel_args.h"
 #include "src/core/ext/transport/chttp2/alpn/alpn.h"
 #include "src/core/lib/channel/channel_args.h"
 #include "src/core/lib/channel/handshaker.h"
@@ -56,8 +56,8 @@ class grpc_fake_channel_security_connector final
         expected_targets_(
             gpr_strdup(grpc_fake_transport_get_expected_targets(args))),
         is_lb_channel_(
-            grpc_channel_args_find(
-                args, GRPC_ARG_ADDRESS_IS_XDS_LOAD_BALANCER) != nullptr ||
+            grpc_channel_args_find(args, GRPC_ARG_ADDRESS_IS_XDS_SERVER) !=
+                nullptr ||
             grpc_channel_args_find(
                 args, GRPC_ARG_ADDRESS_IS_GRPCLB_LOAD_BALANCER) != nullptr) {
     const grpc_arg* target_name_override_arg =
@@ -96,10 +96,11 @@ class grpc_fake_channel_security_connector final
     return GPR_ICMP(is_lb_channel_, other->is_lb_channel_);
   }
 
-  void add_handshakers(grpc_pollset_set* interested_parties,
+  void add_handshakers(const grpc_channel_args* args,
+                       grpc_pollset_set* interested_parties,
                        grpc_core::HandshakeManager* handshake_mgr) override {
     handshake_mgr->Add(grpc_core::SecurityHandshakerCreate(
-        tsi_create_fake_handshaker(/*is_client=*/true), this));
+        tsi_create_fake_handshaker(/*is_client=*/true), this, args));
   }
 
   bool check_call_host(grpc_core::StringView host,
@@ -271,10 +272,11 @@ class grpc_fake_server_security_connector
     fake_check_peer(this, peer, auth_context, on_peer_checked);
   }
 
-  void add_handshakers(grpc_pollset_set* interested_parties,
+  void add_handshakers(const grpc_channel_args* args,
+                       grpc_pollset_set* interested_parties,
                        grpc_core::HandshakeManager* handshake_mgr) override {
     handshake_mgr->Add(grpc_core::SecurityHandshakerCreate(
-        tsi_create_fake_handshaker(/*=is_client*/ false), this));
+        tsi_create_fake_handshaker(/*=is_client*/ false), this, args));
   }
 
   int cmp(const grpc_security_connector* other) const override {

data/src/core/lib/security/security_connector/load_system_roots_linux.cc

@@ -66,6 +66,8 @@ grpc_slice GetSystemRootCerts() {
         grpc_load_file(kLinuxCertFiles[i], 1, &valid_bundle_slice);
     if (error == GRPC_ERROR_NONE) {
       return valid_bundle_slice;
+    } else {
+      GRPC_ERROR_UNREF(error);
     }
   }
   return grpc_empty_slice();

data/src/core/lib/security/security_connector/local/local_security_connector.cc

@@ -129,13 +129,13 @@ class grpc_local_channel_security_connector final
   ~grpc_local_channel_security_connector() override { gpr_free(target_name_); }
 
   void add_handshakers(
-      grpc_pollset_set* interested_parties,
+      const grpc_channel_args* args, grpc_pollset_set* interested_parties,
       grpc_core::HandshakeManager* handshake_manager) override {
     tsi_handshaker* handshaker = nullptr;
     GPR_ASSERT(local_tsi_handshaker_create(true /* is_client */, &handshaker) ==
                TSI_OK);
     handshake_manager->Add(
-        grpc_core::SecurityHandshakerCreate(handshaker, this));
+        grpc_core::SecurityHandshakerCreate(handshaker, this, args));
   }
 
   int cmp(const grpc_security_connector* other_sc) const override {
@@ -187,13 +187,13 @@ class grpc_local_server_security_connector final
   ~grpc_local_server_security_connector() override = default;
 
   void add_handshakers(
-      grpc_pollset_set* interested_parties,
+      const grpc_channel_args* args, grpc_pollset_set* interested_parties,
       grpc_core::HandshakeManager* handshake_manager) override {
     tsi_handshaker* handshaker = nullptr;
     GPR_ASSERT(local_tsi_handshaker_create(false /* is_client */,
                                            &handshaker) == TSI_OK);
     handshake_manager->Add(
-        grpc_core::SecurityHandshakerCreate(handshaker, this));
+        grpc_core::SecurityHandshakerCreate(handshaker, this, args));
   }
 
   void check_peer(tsi_peer peer, grpc_endpoint* ep,

data/src/core/lib/security/security_connector/security_connector.cc

@@ -53,6 +53,7 @@ grpc_channel_security_connector::grpc_channel_security_connector(
     : grpc_security_connector(url_scheme),
       channel_creds_(std::move(channel_creds)),
       request_metadata_creds_(std::move(request_metadata_creds)) {}
+
 grpc_channel_security_connector::~grpc_channel_security_connector() {}
 
 int grpc_security_connector_cmp(const grpc_security_connector* sc,

data/src/core/lib/security/security_connector/security_connector.h

@@ -58,15 +58,13 @@ class grpc_security_connector
   virtual void check_peer(
       tsi_peer peer, grpc_endpoint* ep,
       grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
-      grpc_closure* on_peer_checked) GRPC_ABSTRACT;
+      grpc_closure* on_peer_checked) = 0;
 
   /* Compares two security connectors. */
-  virtual int cmp(const grpc_security_connector* other) const GRPC_ABSTRACT;
+  virtual int cmp(const grpc_security_connector* other) const = 0;
 
   const char* url_scheme() const { return url_scheme_; }
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  private:
   const char* url_scheme_;
 };
@@ -91,7 +89,9 @@ class grpc_channel_security_connector : public grpc_security_connector {
   grpc_channel_security_connector(
       const char* url_scheme,
       grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
-      grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds);
+      grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds
+      /*,
+      grpc_channel_args* channel_args = nullptr*/);
   ~grpc_channel_security_connector() override;
 
   /// Checks that the host that will be set for a call is acceptable.
@@ -101,16 +101,16 @@ class grpc_channel_security_connector : public grpc_security_connector {
   virtual bool check_call_host(grpc_core::StringView host,
                                grpc_auth_context* auth_context,
                                grpc_closure* on_call_host_checked,
-                               grpc_error** error) GRPC_ABSTRACT;
+                               grpc_error** error) = 0;
   /// Cancels a pending asynchronous call to
   /// grpc_channel_security_connector_check_call_host() with
   /// \a on_call_host_checked as its callback.
   virtual void cancel_check_call_host(grpc_closure* on_call_host_checked,
-                                      grpc_error* error) GRPC_ABSTRACT;
+                                      grpc_error* error) = 0;
   /// Registers handshakers with \a handshake_mgr.
-  virtual void add_handshakers(grpc_pollset_set* interested_parties,
-                               grpc_core::HandshakeManager* handshake_mgr)
-      GRPC_ABSTRACT;
+  virtual void add_handshakers(const grpc_channel_args* args,
+                               grpc_pollset_set* interested_parties,
+                               grpc_core::HandshakeManager* handshake_mgr) = 0;
 
   const grpc_channel_credentials* channel_creds() const {
     return channel_creds_.get();
@@ -125,16 +125,20 @@ class grpc_channel_security_connector : public grpc_security_connector {
     return request_metadata_creds_.get();
   }
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  protected:
   // Helper methods to be used in subclasses.
   int channel_security_connector_cmp(
       const grpc_channel_security_connector* other) const;
 
+  // grpc_channel_args* channel_args() const { return channel_args_.get(); }
+  //// Should be called as soon as the channel args are not needed to reduce
+  //// memory usage.
+  // void clear_channel_arg() { channel_args_.reset(); }
+
  private:
   grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds_;
   grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds_;
+  grpc_core::UniquePtr<grpc_channel_args> channel_args_;
 };
 
 /* --- server_security_connector object. ---
@@ -149,9 +153,9 @@ class grpc_server_security_connector : public grpc_security_connector {
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds);
   ~grpc_server_security_connector() override = default;
 
-  virtual void add_handshakers(grpc_pollset_set* interested_parties,
-                               grpc_core::HandshakeManager* handshake_mgr)
-      GRPC_ABSTRACT;
+  virtual void add_handshakers(const grpc_channel_args* args,
+                               grpc_pollset_set* interested_parties,
+                               grpc_core::HandshakeManager* handshake_mgr) = 0;
 
   const grpc_server_credentials* server_creds() const {
     return server_creds_.get();
@@ -160,8 +164,6 @@ class grpc_server_security_connector : public grpc_security_connector {
     return server_creds_.get();
   }
 
-  GRPC_ABSTRACT_BASE_CLASS
-
  protected:
   // Helper methods to be used in subclasses.
   int server_security_connector_cmp(